3 Reasons to Change Your Password Right Now

When was the last time you changed your passwords? If you haven't done it in over a year, now is the best time to change every single password you are using. Here is why.

1. Easy to Hack

If you are like most of us, the passwords you use are very easy to hack. A recent survey by the Digital Guardian shows that 67% of people use weak or very weak passwords. These passwords are easy to crack, and the most common techniques for doing so are remarkably effective and require very little effort.

How do you know if your password is weak? Weak passwords are normally short (under 12 characters) and they contain obvious words or memorable keyboard paths. The five most common (and the absolutely worst) passwords used in 2021 were "123456," "123456789," "12345," "qwerty," and "password". Follow this guide to check if the passwords you are using are easy to crack.

So the best way to make your passwords really hard to hack is to make them long and complex.

2. Reused Passwords

Coming up with good passwords and actually remembering them is not easy. So, many of us take a shortcut: we use the same password or slight variations of a single password for many online accounts. The Digital Guardian survey I have already mentioned suggests that six out of 10 people use the same password across many websites.

The problem with doing so is that once a hacker cracks a single account of yours, they will easily compromise all other accounts that use the same or slightly different password.

So make sure that every single password you use is unique to the account and device it is protecting.

3. Leaked or Hacked Passwords

Hundreds or millions of online accounts have been hacked or compromised as a result of data breaches or other cybersecurity incidents. In most cases, the owners of these accounts continue using them without realizing that their credentials and other personal details are public and relatively easy to find.

The good news is that it is quick and easy to check if your accounts have been compromised in any known leaks or data breaches. To do so, go to the Have I Been Pwned website and enter the email addresses you use to register on various websites and online services. If the email address you enter has been part of any data breach, you will get a list of websites or services on which your accounts are at risk. In this case, go back to each of these accounts and change your passwords as soon as possible.

It is a good idea to bookmark the Have I Been Pwned website and set a reminder on your phone to run your email addresses through the service every three or four months.